Four years after Google published its first groundbreaking transparency report in 2010, Access Now began to compile our Transparency Reporting Index (TRI) to make it easier for researchers, journalists, and the public to find information about who gets to access our data. When we started compiling our Index in 2014, the Snowden revelations and resulting public and civil society outcry had inspired a surge of transparency reporting. More recently, after the Brexit vote and the election of current U.S. President Donald Trump, we saw another jump in company transparency, this time regarding the freedom of expression and enforcement of terms of service.
It’s our hope that our index can serve as a force for holding these companies accountable on a consistent basis, not just when they break our trust. We publish our comprehensive methodology for the first time with this year’s update to the index, detailing our strategy for systematically analyzing the performance of the increasingly diverse set of companies and institutions that publish these reports.
This recent update of the TRI revealed a mixed bag of outcomes for transparency. Notably, we saw a persistent decrease in the rate at which the number of companies are publishing reports after 2013. As we told The Atlantic, which recently reported on this trend in the U.S., this setback puts at-risk communities, responsible investors, and the companies themselves in a worse position, and begs intervention by regulators.
While the net number of reports published skyrocketed after the Snowden revelations, in recent years we’ve seen stagnation in transparency reporting. This is in part because of inconsistent updating by companies. Only 12 of the 70 companies that have issued transparency reports updated theirs regularly enough to have a report published every year since their first release.
Another trend we noticed was an increase in regional diversity. The first transparency reports from the African region were recently published, and there was a steep increase in the number of reports from Europe.
Still, corporate transparency reporting does not adequately represent the regional diversity of all technology companies; North America remains the overwhelming leader in publishing transparency reports.
The final highlight from our findings is the diversity of industry represented. (Our methodology outlines how we classify each type of company and institution.)
Just a cursory glance at the index will reveal that by and large internet and mobile ecosystem companies lead the charge in transparency. Telecommunications companies follow far behind in second place. As entities that control large swaths of our personal data, telecommunications companies impact our digital rights just as much as the internet and mobile ecosystem companies. It is therefore imperative that more telecommunications companies publish transparency reports. Others that lack sufficient transparency include public Wi-Fi providers and “New Technologies” companies, our term for the firms generating business making emerging tech products and services, such as virtual reality, robotics, biotechnology, smart devices, and connected cars.
Public Wi-Fi providers like Boingo serve billions of users passing through airports and other global hubs. The data these companies gather while providing an important public resource is often overlooked. It is high time that companies in this sector begin a dialogue about transparency and privacy policies, starting with the publishing of their first transparency reports.
New Technologies similarly have flown under the radar, avoiding public pressure and scrutiny. Companies like Boston Robotics, Oculus, Tesla, and digital currency companies are exceedingly opaque about data collection, protection, and interaction with law enforcement. As these companies gain a foothold in our digital lives, we must demand that they respond with transparency about their role in and the power they have over the data they collect.
Finally, our analysis of the TRI data revealed a trend of inconsistent reporting. Out of all 70 companies we have included in the index, 15.71% have failed to provide consistent, continuous reports each year since they started the transparency reporting. Some platform companies, such as Medium and DreamHost, released only one report in the span of five years. And a few telcos who control massive amounts of personal data, such as Vodafone, were not able to provide consistent transparency data or annual reports. It should be standard to commit to updating transparency reports regularly — 100% of companies should have updated reports for every year. We highlight this finding to illuminate the fact that transparency is not a one-and-done endeavor; it’s an ongoing process that requires continued conversation.
Without transparency, accountability remains out of reach. These negative trends force us to consider other options to maintain and increase transparency and disclosure of corporate actions affecting our digital rights. We believe governments should require reporting by companies and other entities on their policies and practices when they collect, process, and share our data with third parties including law enforcement agencies, as well as sharing information on enforcement of terms of service. Meanwhile, we hope that responsible investors see resources such as our Transparency Reporting Index and the Ranking Digital Rights Corporate Accountability Index as valuable tools to help screen companies and target advocacy. These stakeholders understand that the better companies perform on these indexes, the stronger their support for human rights, and the more sustainable the firms will be.